Ok, I'm opening a can of worms, and there will be a lot of testosterone being thrown about While it is hard to say for sure, I think most would agree SANS and OffSec have probably the best hacking courses in the world, at the moment. While OffSec has a much more hands-on approach and is miles better in that respect as well as the examination, in terms of actual course content and what they cover, is SANS superior (esp. when taking 660 ans 710 into account)? And lets completely disregard the cost.

I can't speak for SANS' courses, as I've not taken them. I took the GPEN exam, and was able to complete that without a class, so I'm not a big fan of written exams. Book knowledge is easy to attain.

That said, I would love to take 542 and compare it to OffSec's stuff, as I think the web-app angle and techniques taught by Kevin and the SANS instructors are likely really good. So I think that's one area I'd be interested to hear about, as well.

But in terms of examination and actual certification, nothing, IMHO, compares to hands-on, practical exams. And OffSec has pretty much locked in a solid title, on that (short of sil's "Real World" course he talked about, a while back, which sounds even deeper, so maybe someday, I'll be able to jump into that one, too...)

I'm content, right now, working on OSCE, so I'll save my other thoughts for later.

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

I think they're complimentary. For example, compare GPEN and OSCP. OSCP is undoubtedly more technical and hands-on, but GPEN also covers more legal issues, presentation, and other business issues. I can't speak to any of the more advanced material from either at this time, but I would suspect that you will find they each have strengths and weakness. If you can only choose one, you should compare the course breakdown and syllabus to determine which one would be most appropriate for you.

I have taken courses from both organisations. I think they complement each other quite well. there are however a few differences:

Support----------------SANS: If you go the ondemand route then you have access to a virtual mentor for a period of 4 months. They will answer just about ANY question you throw at them. And the turnaround times are usually quick. In my experience the VM[Virtual Mentors] have been quite knowledgeable.

OFFSEC: You are essentially on your own. In most instances you have to reach out to other students for assistance. It gets frustrating at times especially when your back is against the wall and you are told to "Try Harder".

Content------------------SANS: The material is solid although I have found a few instances where the material was incorrect or riddled with typos. They also seem to cover a broader range topics. So for instance the GPEN took the student through the entire sequence of events to perform a pentest - get out of jail free card, scoping, laws, rules of engagement and a host of other soft topics.

OFFSEC: Here again, the material is very good. It does however tend to be a bit more focused.

Labs-----------------OFFSEC: Hands down the best lab I have experienced to date. And this is both in terms of layout and exercises.

Course Material:SANS: You actually recieve text books that you can add to your library I guess. The content is well laid out and easy to get through.

OFFSEC: You receieve a water marked pdf file. So in the end it boils down to preference. A pdf you can always take with you. Walking around with a bag full of books ................

Exam----------------------SANS: Still multiple choice. Now even though this is open book, if you do not KNOW the material you will still have a hard time passing.

OFFSEC:To the DEATH. Enough said

Offerings:SANS: Has a wider array of certifications to choose from. However OFFSEC has recently added a few new ones.

In the end it boils down to your learning style. If you want guidance and a bit of hand holding then go SANS. If you want to suffer immense pain then go OSCP. For best results do them both.

Last edited by Dark_Knight on Fri Feb 17, 2012 4:07 pm, edited 1 time in total.

Another thought that applies to many security professionals, SANS is DoD compliant in much of their coursework, and I am not so sure OffSec will help you there. I am not saying SANS is better, just perhaps better represented in the govt.

hayabusa wrote:That said, I would love to take 542 and compare it to OffSec's stuff, as I think the web-app angle and techniques taught by Kevin and the SANS instructors are likely really good. So I think that's one area I'd be interested to hear about, as well.

It is possible to pass GWAPT without studying, I was lucky to be offered a practice exam last year and the exam was okay, but I wasn't intrigued. The SEC542 course, will teach you the basics, but won't teach you any advanced stuff, or for that sake give you the practical hands-on you really want to learn, at least, that's what a live-class student told me after I had a few sessions with him (for free and fun) in 2011 or 2010.

Not saying it's a bad course, just keep in mind you won't become a real web app sec pro, but you'll cover a lot of different topics, and dive into topics not many other courses provide, but it still lacks some of the really interesting and cool topics, but that can change of course

Well, that pretty much answers that. While I was intrigued, if it was as much book as the GPEN, then it wasn't something I'd want to fork the cash out on. I had another EH-net'er I was talking to, on PM, today, who told me if I can get through WAHH2, I could likely pass GWAPT. So I think I'll save the money, perhaps just take the exam, at some point, and save my cash.

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

hayabusa wrote:I had another EH-net'er I was talking to, on PM, today, who told me if I can get through WAHH2, I could likely pass GWAPT. So I think I'll save the money, perhaps just take the exam, at some point, and save my cash.

That's my plan as well. I ordered WAHH2 yesterday and will probably make an exam attempt in the next 2-3 months. I'll definitely keep you posted.

Since the SANS courses prepare you for the GIAC certs, it certainly has more recognition by non-security folk (HR) than OffSec. But that hopefully will change. I would also agree about the DoD compliance. OffSec can certainly compliment the SANS material by giving you that much needed hands-on experience. If need be you can always emphasize the OffSec material in your cover letter or during phone interviews.

Also OffSec is more of a time investment than a monetary one. SANS is pretty structured. Get through material, take 1st practice test, review your weak areas and mark the hell out of your books. Take 2nd practice exam if you think you need to and then go take the real exam.

OffSec - here is the content, we will give you a taste, here is the lab, go have some fun. Now, do it for real and give us a report on your findings! I really like the courses that emphasize the report writing.